Re: fsck seg fault failure on vmware -i386?

Date: Sat, 30 Jan 2010 12:55:41 +0000 (UTC)
From: mlelstv%serpens.de@localhost (Michael van Elst)
Message-ID: <hk1a8c$5hm$1%serpens.de@localhost>
| asctime() (and others) may return NULL nowadays. The sequence
| in fsck_ffs/inode.c:pinode()
|
|     p = ctime(&t);
|     printf("MTIME=%12.12s %4.4s ", &p[4], &p[20]);
|
| might crash if the inode timestamp is 'invalid'.
Yes, it might (even would) but perhaps not the way you are thinking.
While it is certainly true that p might be NULL there, and that fsck_ffs
really needs to do
    if (p == NULL)
        printf("MTIME=%-17s ", "invalid");
    else
the actual reported crash was from within asctime_r(), not directly
inside pinode() which this would have been.
That indicates a related, but different bug, in libc (and in the latest
olson tz code), that is, ctime() is just
    ctime(time_t *t)
    {
        return asctime(localtime(t));
    }
so if localtime() returns NULL (which it can), asctime() (and asctime_r()
which it calls) is handed a NULL pointer, which it certainly doesn't expect,
and will cause asctime_r() to core dump.
That's most likely what is being seen.
The fix I'll be suggesting to the tz people is to harden asctime_r()
rather than adding a test into ctime(), so that asctime_r() simply starts
    if (timeptr == NULL)
        return NULL;
Once this is installed, then you would get the core dump from pinode()
unless that gets fixed as well.
kre
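The two fixes kre describes (the NULL guard at the top of asctime_r(), and the caller-side check in pinode()), put together in one runnable program. This is an added example, not code from the posting, from NetBSD libc or from fsck_ffs; the names guarded_asctime_r(), guarded_ctime() and format_mtime() are hypothetical, and the two time_t inputs are constructed for the demonstration (the posting's own timestamp, and a value large enough that localtime() cannot represent the year in tm_year on a 64-bit time_t).

```c
#define _POSIX_C_SOURCE 200809L   /* for asctime_r() */
#include <stdio.h>
#include <string.h>
#include <time.h>

/*
 * Hypothetical hardened asctime_r(): the guard suggested for the tz code.
 * A NULL struct tm (what localtime() hands back for an unrepresentable
 * time_t) yields NULL instead of a NULL-pointer dereference.
 * buf must hold at least 26 bytes.
 */
static char *guarded_asctime_r(const struct tm *timeptr, char *buf)
{
    if (timeptr == NULL)
        return NULL;
    return asctime_r(timeptr, buf);
}

/*
 * Same shape as the ctime() quoted in the posting, but built on the
 * guarded asctime_r(), so a failed localtime() now propagates NULL to
 * the caller instead of crashing inside libc.
 */
static char *guarded_ctime(const time_t *t, char *buf)
{
    return guarded_asctime_r(localtime(t), buf);
}

/*
 * pinode()-style formatter with the caller-side check added:
 * "MTIME=Jan 30 12:55 2010 " for a good timestamp, and
 * "MTIME=invalid           " (same 24-column width) when the conversion
 * fails. Returns the length written, or -1 on truncation or error.
 */
static int format_mtime(time_t t, char *out, size_t outsz)
{
    char buf[26];                       /* asctime_r() needs >= 26 bytes */
    const char *p = guarded_ctime(&t, buf);
    int n;

    if (p == NULL)
        n = snprintf(out, outsz, "MTIME=%-17s ", "invalid");
    else
        n = snprintf(out, outsz, "MTIME=%12.12s %4.4s ", &p[4], &p[20]);
    return (n < 0 || (size_t)n >= outsz) ? -1 : n;
}

int main(void)
{
    char out[64];
    /* constructed inputs: the posting's timestamp (2010-01-30 12:55:41 UTC),
     * and 2^(bits-2) seconds, which overflows tm_year when time_t is 64-bit */
    time_t good = (time_t)1264856141;
    time_t bad  = (time_t)1 << (sizeof(time_t) * 8 - 2);

    format_mtime(good, out, sizeof out);
    printf("[%s]\n", out);
    format_mtime(bad, out, sizeof out);
    printf("[%s]\n", out);             /* "invalid" on a 64-bit time_t */
    return 0;
}
```

The guard belongs in asctime_r() rather than in ctime() because asctime() and ctime() are both thin wrappers over it, and hardening the shared leaf function covers every caller. The caller-side check is still needed: once libc returns NULL instead of crashing, &p[4] in an unguarded pinode() becomes the next NULL dereference. Whether the "bad" input actually trips the invalid path depends on sizeof(time_t): with a 32-bit time_t every value converts, which is exactly why the i386 report differed from what a 64-bit user would have seen.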